Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier: /01SI+U4sigfxcySXLY3SxuCVdNWdES0e7wF4itkgWo=
Subject key identifier: DA:AC:80:F1:9F:96:D7:4E:F5:94:1C:92:FC:3C:6A:1F:FF:52:E1:41
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial: 019A51505E31E304485FE3DC3FC51C24AAC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number: 06F6
Signing time: Wed 05 Nov 2025 00:00:12 +0000
Manifest this update: Wed 05 Nov 2025 00:00:12 +0000
Manifest next update: Thu 06 Nov 2025 00:00:12 +0000
Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: hxSpTVUnVpAZcpeTeOORXYVT6sDL7me0q982BXY9sO0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 00:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:50:5e:31:e3:04:48:5f:e3:dc:3f:c5:1c:24:aa:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Validity
Not Before: Nov 5 00:00:12 2025 GMT
Not After : Nov 6 00:00:12 2025 GMT
Subject: CN=daac80f19f96d74ef5941c92fc3c6a1fff52e141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2f:17:c1:98:e7:8e:6b:67:fb:66:32:e3:7e:
f1:40:b6:af:6f:df:e8:ac:ce:e8:1f:97:04:e8:76:
f9:70:a3:7a:8d:87:a6:d6:73:1f:a7:45:44:48:f1:
58:bd:28:ca:95:6e:df:bd:e8:62:c0:19:00:0e:04:
b6:40:24:8b:f0:3c:0a:7b:14:75:60:5c:12:12:8b:
df:90:3b:bc:b7:33:14:1a:c0:c7:c5:40:a4:5c:51:
cf:ef:56:cd:10:15:9a:60:d9:a7:10:c7:e4:9d:07:
a0:cb:ab:5e:63:e7:4b:c9:8d:dc:82:74:9d:dc:6e:
39:11:5b:ad:7a:e9:b8:d4:20:29:dc:79:81:4d:da:
3f:7a:4d:cc:0c:68:f5:61:b5:d2:5a:d7:5f:fb:ce:
76:16:d0:24:8a:9e:33:76:30:42:9b:74:16:2e:b8:
17:dd:62:42:a9:9c:99:6b:db:d1:d0:f1:3e:ca:1e:
08:1a:ac:70:4c:ea:66:2b:d7:9d:dd:e2:40:82:60:
f6:aa:41:c6:55:ad:c9:9b:8a:8c:12:57:69:5f:a3:
d3:02:dc:68:9f:52:94:a5:11:ac:44:52:59:c9:b6:
e5:6a:87:59:05:2e:35:fe:9c:af:9e:60:3f:fd:99:
84:f9:64:2c:54:6d:88:ea:a4:02:da:b3:c2:e2:4b:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AC:80:F1:9F:96:D7:4E:F5:94:1C:92:FC:3C:6A:1F:FF:52:E1:41
X509v3 Authority Key Identifier:
keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:a7:ec:a0:e8:4f:c2:f2:4e:8b:11:09:87:63:40:6c:6b:1b:
cc:8b:11:ed:9b:c1:d6:56:e2:8b:78:89:40:62:6c:25:af:77:
d8:34:50:d1:12:00:08:fb:8d:4d:8a:ab:d3:92:5d:4a:79:04:
60:23:c3:ad:a5:d4:af:5c:57:19:96:cf:f4:ce:dd:15:a5:de:
62:2a:ca:52:13:34:9d:46:0c:eb:34:25:b9:ba:cd:fa:56:71:
98:44:4b:6c:f8:c1:87:a0:35:64:2b:85:37:2f:52:ba:bc:5f:
a1:9b:72:3f:cd:39:b7:5c:01:db:ca:f0:7d:5a:98:62:de:3f:
0d:bd:40:40:e1:17:8f:9a:5b:50:82:49:0e:e0:52:b5:bf:96:
e5:c9:dd:61:0b:f1:96:48:3c:6c:ab:98:bf:59:5d:be:89:87:
47:8a:18:70:90:64:e6:8c:26:d1:53:6e:92:20:db:12:fc:d0:
e3:d4:c0:e3:7a:ce:d2:15:17:22:66:5c:8e:ea:03:56:6e:93:
00:67:45:0e:3c:83:0d:04:62:4b:f7:f6:f8:2a:ff:2c:1e:8a:
34:b4:cb:ac:bb:4e:5d:00:87:1c:90:dd:99:34:01:c4:bf:2c:
e4:d0:8f:d6:dc:80:42:3d:94:60:a7:b9:d6:7a:e3:9f:b5:eb:
8b:8c:1d:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUF4x4wRIX+PcP8UcJKrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjUxMTA1MDAwMDEyWhcNMjUxMTA2MDAwMDEyWjAzMTEwLwYDVQQD
EyhkYWFjODBmMTlmOTZkNzRlZjU5NDFjOTJmYzNjNmExZmZmNTJlMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry8XwZjnjmtn+2Yy437xQLavb9/o
rM7oH5cE6Hb5cKN6jYem1nMfp0VESPFYvSjKlW7fvehiwBkADgS2QCSL8DwKexR1
YFwSEovfkDu8tzMUGsDHxUCkXFHP71bNEBWaYNmnEMfknQegy6teY+dLyY3cgnSd
3G45EVuteum41CAp3HmBTdo/ek3MDGj1YbXSWtdf+852FtAkip4zdjBCm3QWLrgX
3WJCqZyZa9vR0PE+yh4IGqxwTOpmK9ed3eJAgmD2qkHGVa3Jm4qMEldpX6PTAtxo
n1KUpRGsRFJZybblaodZBS41/pyvnmA//ZmE+WQsVG2I6qQC2rPC4kuYvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqsgPGfltdO9ZQckvw8ah//UuFBMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOKfsoOhP
wvJOixEJh2NAbGsbzIsR7ZvB1lbii3iJQGJsJa932DRQ0RIACPuNTYqr05JdSnkE
YCPDraXUr1xXGZbP9M7dFaXeYirKUhM0nUYM6zQlubrN+lZxmERLbPjBh6A1ZCuF
Ny9SurxfoZtyP805t1wB28rwfVqYYt4/Db1AQOEXj5pbUIJJDuBStb+W5cndYQvx
lkg8bKuYv1ldvomHR4oYcJBk5owm0VNukiDbEvzQ49TA43rO0hUXImZcjuoDVm6T
AGdFDjyDDQRiS/f2+Cr/LB6KNLTLrLtOXQCHHJDdmTQBxL8s5NCP1tyAQj2UYKe5
1nrjn7Xri4wdfw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:58:27 2025 by rpki-client